China is building a massive database of Americans’ personal information as part of an evolving cyber-espionage operation targeting US government agencies and health insurance companies, US officials and analysts told The Washington Post.
To that end, last month’s massive breach of Office of Personnel Management (OPM) servers — allegedly at the hands of Chinese hackers — marked a crucial win for China in its virtual war against the US.
“Personal information is just as valuable as passwords today,” Mark Wuergler, a senior cybersecurity researcher at Immunity Inc., told Business Insider.
“Having a large database of personal information on key individuals that have access to critical infrastructure or classified information gives China an advantage in whatever agenda they have.”
Chinese hackers allegedly stole data on more than four million federal employees, including their Social Security numbers, passports, travel logs, schools attended, pets, and foreign contacts. And that data is probably in the hands of the Chinese government.
“Hackers with this information don’t necessarily need a password to access other accounts — almost all of them allow you to reset your password by just supplying it data about yourself,” he added. “This means that China may have access to a lot more systems, accounts and profiles that are outside of government control.”
The theft of federal employees’ foreign contacts is particularly valuable.
“So now the Chinese counterintelligence authorities know which American officials are meeting with which Chinese,” a China cyber and intelligence expert told the Washington Post.
An unnamed official told Reuters that information taken includes security clearance information and background checks going back decades.
“This is deep. The data goes back to 1985,” the official said. “This means that they potentially have information about retirees, and they could know what they did after leaving government.”
Cyber security experts worry that the stolen information might allow China to blackmail some of the more vulnerable employees into becoming spies or informants for the Chinese government.
“We suspect they’re using it [personnel information] to understand more about who to target [for espionage], whether electronically or via human recruitment,” Rich Barger, chief intelligence officer of cybersecurity firm ThreatConnect, told the Washington Post.
“These databases are creating a map of connected dots,” Wuergler said. “By breaking into one organisation it points in the direction of the next juicy target to siphon data from, or add to, an arsenal of leverage over a superpower.”
The Chinese are masters of the long game, Wuergler added, and Chinese hackers have been known to infiltrate servers and maintain their access for a year or more to quietly spy on their targets.
“They are really good at what they do, and when they break into something it’s not just smash and grab,” Wuergler said, noting that hackers in the OPM network had been there for months before they were even detected.